Percona Monitoring and Management / PMM-5226

Prototype Pollution vulnerability (CVE-2019-19919) in handlebars

Details

    • Bug
    • Status: Done
    • High
    • Resolution: Done
    • 2.2.0
    • 2.2.1
    • QAN App
    • 1
    • Yes
    • Yes

    Description

      The handlebars package has a Prototype Pollution vulnerability (CVE-2019-19919).

      PMM versions were not affected by this vulnerability, as this package is used as a build dependency only.

      Solution: update handlebars to version 4.5.3.

      https://github.com/percona/qan-app/pull/354

            People

              Unassigned
              Roma Novikov (roma.novikov)
                Time Tracking

                  Estimated: Not Specified
                  Remaining: Not Specified
                  Logged: 1h 10m